matthieu/frr
1
0
Fork 0
forked from Mirror/frr
Code Pull requests Activity

ripd: out-of-bounds read (Coverity 1399295)

Browse source 
Signed-off-by: F. Aragon <paco@voltanet.io>
This commit is contained in:
paco 2018-06-22 15:41:35 +02:00
parent 0a8990d5f8
commit 0961ea934f
No known key found for this signature in database
GPG key ID: FD112A8C7E6A5E4A
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
ripd/ripd.c
View file

@ -799,11 +799,11 @@ static int rip_auth_simple_password(struct rte *rte, struct sockaddr_in *from,
struct interface *ifp) struct interface *ifp)
{ {
struct rip_interface *ri; struct rip_interface *ri;
char *auth_str = (char *)&rte->prefix; char *auth_str = (char *)rte + offsetof(struct rte, prefix);
int i; int i;
/* reject passwords with zeros in the middle of the string */ /* reject passwords with zeros in the middle of the string */
for (i = strlen(auth_str); i < 16; i++) { for (i = strnlen(auth_str, 16); i < 16; i++) {
if (auth_str[i] != '\0') if (auth_str[i] != '\0')
return 0; return 0;
} }